Seven Deadliest USB Attacks (Seven Deadliest Attacks)
Brian Anderson
Language: English
Pages: 256
ISBN: 1597495530
Format: PDF / Kindle (mobi) / ePub
Seven Deadliest USB Attacks provides a comprehensive view of the most serious types of Universal Serial Bus (USB) attacks. While the book focuses on Windows systems, Mac, Linux, and UNIX systems are equally susceptible to similar attacks.
The book consists of seven chapters that cover the following: (i) USB Hacksaw; (ii) the USB Switchblade; (iii) viruses and malicious codes; (iv) USB-based heap overflow; (v) the evolution of forensics in computer security; (vi) pod slurping; and (vii) the human element of security, including the risks, rewards, and controversy surrounding social-engineering engagements.
This book was written to target a vast audience including students, technical staff, business leaders, or anyone seeking to understand fully the removable-media risk for Windows systems. It provides the tools, tricks, and detailed instructions necessary to reconstruct and mitigate these activities while peering into the risks and future aspects surrounding the respective technologies. The attacks outlined in this book are intended for individuals with moderate Microsoft Windows proficiency.
- Knowledge is power, find out about the most dominant attacks currently waging war on computers and networks globally
- Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how
- Institute countermeasures, don’t be caught defenseless again, and learn techniques to make your computer and network impenetrable
though 71 percent know that Rhttp://live.sysinternals.com/ 17 18 CHAPTER 1 USB Hacksaw it is against policy.1 Even if they were unable to disable the security software, crafty personnel will find another means to do what they need. These statistics are frightening considering the critical types of data employees can work with on a daily basis. Regulators, Mount Up Over the last decade, numerous Federal and state legislation regarding data loss have been established or amended with
convenient usages for auditing and general system administration, this deployment method could significantly increase in popularity. There are a large number of possible mutations a device of the Switchblade sort can take. Keep your eye on the Hak.5 wiki and forums, as they are always cooking up some interesting creations. 63 chapter USB-Based Virus/Malicious Code Launch 3 Information in This Chapter • Invasive Species among Us • Anatomy of the Attack • Evolution of the Attack • Why
All the Fuss? • Defending against This Attack We are currently facing a problem of pandemic proportions with viruses and other forms of malicious code being propagated through unexpected avenues. Advanced tactics are making it increasingly difficult to identify the actual source of this mischief. A majority of these threats now appear to be originating from Asia with fluctuating functionality.A While the risk of being exposed to malicious code is nothing new, how you can be exposed to it is
shown in Figure 4.2 below.CC The VID and PID are important here because they determine which drivers are loaded when the device is inserted. A single VID can correspond to many PIDs, and an example of this would be any typical multifunction printer on the market that has scan, fax, and copy capabilities. In their research, they were able to locate specific drivers that were vulnerable to arbitrary input and thereby executing any code of choice. USB defines a set of class codes that are used to
Xwww.softpedia.com/get/System/System-Miscellaneous/Prevent.shtml Ywww.bluecoat.com/doc/529 171 172 CHAPTER 6 Pod Slurping A workaround is available to disable the screen-print function entirely on Windows systems, but this risk still persists. Phones and other hand-held devices now include onboard cameras that can be used to capture static or motion shots from any screen in range. This factor should be considered when deciding the necessary restrictions to impose on an environment. If you